Safety
Fail-Safe Systems
7-12 A5E00085588-03
Note
To check during operation whether the configured PROFIsafe monitoring times are
too short, you can insert in an ET 200M with fail-safe signal modules in safety
mode additional fail-safe signal modules in safety mode in which the configured
PROFIsafe monitoring time is lower. This is particularly advisable if the configured
PROFIsafe monitoring time that has to be checked is not much longer than the
minimum possible PROFIsafe monitoring time.
See Also
Configuring the Monitoring Times for F/FH Systems
7.4.2.3 Monitoring of Safety-related Communication between CPUs
Time monitoring takes place in the F_SENDR and F_RCVR and F_SENDBO and
F_RCVBO blocks respectively with the same monitoring time, which has to be
assigned parameters on both blocks (TIMEOUT).
To ensure that monitoring is not triggered in F_SENDR and F_SENDBO or in
F_RCVR and F_RCVBO when there are no errors, the TIMEOUT monitoring time
selected must be sufficiently long:
TIMEOUT > T CI,F_SEND + T CI,F_RCV + MAX(TDelay,F_SEND;
TDelay,F_RCV) + 2*TUSEND + MAX(MIN(TCiR, F_SEND;2500), MIN(TCiR,
F_RCV;2500))
Note the following:
Time Description Where to Find it?
TCI,F_SEND Configured cycle time of the cyclic interrupt OB with the
call of F_SENDBO or F_SENDR
HWCONFIG
CPU properties, "Cyclic
Interrupt, Execution"
TCI,F_RCV Configured cycle time of the cyclic interrupt OB with the
call of F_RCVBO or F_RCVR
HWCONFIG
CPU properties, "Cyclic
Interrupt, Execution"
TDelay,F_SEND Maximum communication delay when the standby in
the FH system is updated with the call of F_SENDBO
or F_SENDR
Properties of the sender
CPU, "H Parameters" tab
TDelay,F_RCV Maximum communication delay when the standby in
the FH system is updated with the call of F_RCVBO or
F_RCVR
Properties of the receiving
CPU, "H Parameters" tab
TUSEND Maximum response time of USEND
• With 48 bytes of user data for F_SENDBO
• With 88 bytes of user data for F_SENDR
You can find information on
the Internet (see below)
To Next Page
Loading...
Need help?
General
